Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Palou wins at Road America to boost IndyCar season lead
-
Bumrah says 'fate' behind Brook's exit for 99 against India
-
Gout Gout says 100m 'too short' for him
-
Democrats assail 'erratic' Trump over Iran strikes
-
Iran threatens US bases in response to strikes on nuclear sites
-
NBA Suns trade star forward Kevin Durant to Rockets
-
At least 20 killed in suicide attack on Damascus church
-
NATO strikes spending deal, but Spain exemption claim risks Trump ire
-
Queen's champion Alcaraz in the groove ahead of Wimbledon
-
Yildiz stars as Juventus beat Wydad at Club World Cup
-
Bumrah and Brook shine to leave England-India opener in the balance
-
Pogba says he is talking to a club about comeback after ban
-
NBA Suns trade star forward Kevin Durant to Rockets: ESPN
-
Muslim countries urge end to Israel's 'aggression' against Iran
-
'How to Train Your Dragon' holds top spot in N.America box office
-
Almeida wins time-trial to take Tour of Switzerland
-
Bublik sees off Medvedev to claim second title on grass in Halle
-
Feyi-Waboso banned for England tour to Argentina
-
US strikes on Iran: what we know
-
Alcaraz crowned king of Queen's for second time
-
US says strikes 'devastated' Iran's nuclear program
-
Bublik sees off Medvedev to claim fifth AFP title in Halle
-
Freed Belarus opposition figure urges Trump to help release all prisoners
-
Wave of syringe attacks mar France's street music festival
-
US intervention 'devastated' Iran's nuclear programme says Pentagon
-
Marc Marquez completes perfect Mugello weekend with Italian MotoGP triumph
-
Vondrousova warms up for Wimbledon with Berlin title
-
India still on top in first Test despite Brook fifty for England
-
Ukraine army chief vows to expand strikes on Russia
-
United behind Iran war effort, Israelis express relief at US bombing
-
Former England fast bowler David Lawrence dead at 61
-
At least three impacts in Israel during Iran missile attacks, 23 hurt
-
Trump says US strikes 'obliterated' Iran nuclear sites
-
Japan's high-tech sunscreens tap into skincare craze
-
Tesla expected to launch long-discussed robotaxi service
-
South Korea counts on shipbuilding to ease US tariff woes
-
Bombing Iran, Trump gambles on force over diplomacy
-
Trump says US attack 'obliterated' Iran nuclear sites
-
Itoje to Valetini: five to watch when the Lions face Australia
-
Wallabies confident but wary of wounded British and irish Lions
-
Utopia and fragile democracy at Art Basel fair
-
Freed Israeli hostage recounts 484-day nightmare in Gaza
-
River Plate frustrated by Monterrey in 0-0 stalemate
-
Panama cuts internet, cell phones in restive province
-
Tens of thousands join pro-Palestinian marches across Europe
-
Coach Penney unsure of return to Super Rugby champions Crusaders
-
Trump says US 'obliterated' Iran nuclear sites, threatens more
-
Olympic chief Kirsty Coventry's steeliness honed by hard knocks
-
Outgoing IOC president Thomas Bach faced mammoth challenges
-
Maro Itoje comes of age with Lions captaincy
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
Q.Bulbul--SF-PST
